Riley is a file integrity checker written in Perl,somewhat similar to Tripwire.
Running 'riley -initialize' puts a file called '.riley' in each directory specified in the configuration file. Each '.riley' file contains N one-line descriptions, one description per file. Each description contains the name of the file, type, size, owner, group,
permissions, and number of links. If the file is a regular file, each description also contains an MD5 checksum of the contents of the file. Each '.riley' file also contains a MD5 checksum of the file itself to forestall tampering.
Running 'riley -examine' compares the current state of every file against the description created earlier by running 'riley -initialize'. If anything has changed, it notes the change both in the system log file and via email. It is noticing the existance of new files as well as the non-existance of deleted files.
If you're feeling paranoid, you can run 'riley -correct' instead of 'riley -examine'. Doing this changes the permissions/ownership of changed files back to what the description file says they should be. 'riley -correct' treats new files suspiciously, changing their ownership/
group to nobody/nobody (99/99 on most RedHat systems), and their permissions to 0. If you don't want to use 'nobody/nobody', change the values of the global variables '$unpriv_u' and '$unpriv_g' to something else, perhaps an owner/group you've specifically created for the occasion.
What's New in This Release:
· added code to handle dangling symlinks (thanks to chad townsend)
· added code to print usage when option "-help" given
· minor cosmetic fixes (removed un-used variables, added comments)
· added code to install program to check for "chattr"